All new protections DDR4 memory will not work on new Rowhammer attack

In recent years, security vulnerabilities have been found in chips of all shapes and sizes, from CPUs to GPUs and modems to Dram chips. The latter category is theoretically susceptible to attacks in the Rowhammer category. Researchers at the Swiss Computer Security Group (COMSEC) have discovered a new Rowhammer attack that makes virtually all dram modules vulnerable.

The theoretical attack is Blacksmith and bypasses all hardware protections of ddr4, which incorporates additional security mechanisms. Because older dram generations are built on the same principle, it is likely that older modules are also vulnerable, although they have not been tested by the team. Malicious agents attack specific parts of a dram chip via a Rowhammer attack by requesting access millions of times per second with certain cartridges. This can cause a bit flip in the surrounding bits, causing them to jump from a one to a zero or vice versa.

To ward off Rowhammer attacks, dram manufacturers target row refresh (trr) implemented. This refreshes the information stored in the surrounding bits of the bits under attack. This keeps the information stored correctly, but Blacksmith manages to circumvent all these protections. The researchers tested 40 modules from Samsung, SK Hynix and Micron and used a large number of random patterns. These three manufacturers represent about 94% from the market. The best patterns were not stopped by the measures, so that the bit flips could still take place. By attacking an rsa-2048 security key, the passwords to root privileges could be obtained.

Samsung, SK Hynix, Micron, Intel, AMD, Microsoft, Oracle and Google have confirmed that the vulnerability is reproducible. As far as is known, this is a theoretical attack and there have been no cases where the vulnerability has been exploited, although this is difficult to prove. No dimms have been found that are completely safe. On ecc memory, COMSEC says it complicates existing Rowhammer attacks, but does not completely stop them. However, nothing is said about the current state of affairs, but judging by the findings of the organization it will probably offer little benefit.

Source: Computer Security Group


Source: Hardware Info Compleet by nl.hardware.info.

*The article has been translated based on the content of Hardware Info Compleet by nl.hardware.info. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!

*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.

*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!